Millions of Android devices have preloaded vulnerabilities – report

Rappler.com reports: “A new report from mobile security firm, Kryptowire, claims that millions of Android devices ship with preloaded security vulnerabilities that are just waiting to be exploited. According to Wired, who received an early copy of the report, Kryptowire found firmware bugs in 10 different devices sold by major American carriers. This means millions of similar devices manufactured by companies that include Asus, LG, Essential, and ZTE could also be affected. The bugs and security flaws could for instance let an attacker lock people out of their devices or take control of their microphones. Most of the attacks, however, reportedly required the user to download a certain malicious app before the security lapses become exploitable. Kryptowire explains that these vulnerabilities are a byproduct of Android’s open operating system that allows third-party companies such as device manufacturers and carriers to tweak code.”